Security – Page 437 – Computer Security Articles

August 23, 2018 admin

Microsoft Patch Alert: Mainstream August patches look remarkably good, but watch out for the bad boys

Credit to Author: Woody Leonhard| Date: Thu, 23 Aug 2018 14:01:00 -0700

So far this month we’ve only seen one cumulative update for each version of Windows 10, and one set of updates (Security only, Monthly Rollup) for Win7 and 8.1. With a few notable exceptions, those patches are going in rather nicely. What a difference a month makes.

We’ve also seen a massive influx of microcode updates for the latest versions of Windows 10, running on Intel processors. Those patches, released on Aug. 20 and 21, have tied many admins up in knots, with conflicting descriptions and iffy rollout sequences.

Big problems for small niches

At this point, I’m seeing complaints about a handful of patches:

The original SQL Server 2016 SP2 patch, KB 4293807, was so bad Microsoft yanked it — although the yanking took almost a week. It’s since been replaced by KB 4458621, which appears to solve the problem.
The Visual Studio 2015 Update 3 patch, KB 4456688, has gone through two versions — released Aug. 14, pulled, then re-released Aug. 18 — and the re-released version still has problems. There’s a hotfix available from the KB article, but you’d be well advised to avoid it.
Outlook guru Diane Poremsky notes on Slipstick that the version of Outlook in the July Office 365 Click-to-Run won’t allow you to start Outlook if it’s already running. “Only one version of Outlook can run at a time” — even if the “other version” is, in fact, the same version.
The bug in the Win10 1803 upgrade that resets TLS 1.2 settings persists, but there’s an out-of-the-blue patch KB 4458116 that fixes the problem for Intuit QuickBooks Desktop.
The Win10 1803 cumulative update has an acknowledged bug in the way the Edge browser interacts with Application Guard. Since about two of you folks use that combination, I don’t consider it a big deal. The solution, should you encounter the bug, is to uninstall the August cumulative update, manually install the July cumulative update, and then re-install the August cumulative update — thus adding a new dimension to the term “cumulative.”
The Win7 Monthly Rollup has an old acknowledged bug about “missing file (oem<number>.inf).” Although Microsoft hasn’t bothered to give us any details, it looks like that’s mostly a problem with VMware.

The rest of the slate looks remarkably clean. Haven’t seen that in a long while.

To read this article in full, please click here

ComputerWorld Independent

August 23, 2018 admin

China once again cracks down on cryptocurrencies, news outlets

Credit to Author: Lucas Mearian| Date: Thu, 23 Aug 2018 10:06:00 -0700

In an ongoing campaign to tamp down the growth of once-flourishing cryptocurrencies it sees as a threat, the Chinese government has ordered more than a half dozen online news outlets to shut down and banned physical venues from hosting crypto-related events.

On Tuesday, eight blockchain and cryptocurrency-focused media outlets were banned on WeChat, China’s most influential instant communication and mobile payment app, for allegedly violating new government regulations forbidding the publishing of information related to initial coin offerings (ICOs) or cryptocurrency trading speculation.

To read this article in full, please click here

Security Wired

August 23, 2018 admin

Why the DNC Thought a Phishing Test Was a Real Attack

Credit to Author: Louise Matsakis| Date: Thu, 23 Aug 2018 18:48:45 +0000

The Democratic National Committee now says a fraudulent voter data website it found was evidence of an unauthorized test organized by Michigan Democrats.

Security Wired

August 23, 2018 admin

A Monitor’s Ultrasonic Sounds Can Reveal What’s on the Screen

Credit to Author: Lily Hay Newman| Date: Thu, 23 Aug 2018 16:15:23 +0000

Researchers have demonstrated that they can discern individual letters on a display based only on the ultrasonic whine it emits.

Security TrendMicro

August 23, 2018 admin

AI and Machine Learning: Boosting Compliance and Preventing Spam

Credit to Author: Trend Micro| Date: Thu, 23 Aug 2018 12:00:39 +0000

Some of the most advanced strategies in the current technology and analytics spaces include artificial intelligence and machine learning. These innovative approaches can hold nearly endless possibilities for technological applications: from the ability to eliminate manual work and enable software to make accurate predictions based on specific performance indicators. In this way, it’s no…

The post AI and Machine Learning: Boosting Compliance and Preventing Spam appeared first on .

Security TrendMicro

August 23, 2018 admin

Simplifying and Prioritizing Advanced Threat Response Measures

Credit to Author: TJ Alldridge| Date: Thu, 23 Aug 2018 12:09:31 +0000

I had to go to the doctor the other day because I was miserable and sick. I don’t like going to the doctor so I waited until my stuffy nose and congestion turned into a full blown sinus infection. The doctor said this thing was going around, and I should be better in a few…

The post Simplifying and Prioritizing Advanced Threat Response Measures appeared first on .

ComputerWorld Independent

August 23, 2018 admin

Detecting bot attacks | Salted Hash Ep 44

In this episode, host Steve Ragan talks with Engin Akyol, CTO at Distil Networks at the Black Hat 2018 conference, about bot account takeovers and how they can be detected.

Security Wired

August 22, 2018 admin

Tech Giants Are Becoming Defenders of Democracy. Now What?

Credit to Author: Issie Lapowsky| Date: Wed, 22 Aug 2018 19:02:57 +0000

Microsoft, Facebook, and others are ramping up efforts to thwart attacks on elections—making the US government look woefully underprepared in the process.